Ask the Experts

Ask the Experts

• ATM jackpotting: How does the Ploutus.D malware work?

  Ploutus.D malware recently started popping up in the U.S. after several ATM jackpotting attacks. Discover how this is possible and what banks can do to prevent this with Nick Lewis.  Continue Reading

• SamSam ransomware: How can enterprises prevent an attack?

  SamSam ransomware infected the Colorado DOT after hitting hospitals, city councils and companies. Learn how this version differs from those we've seen in the past.  Continue Reading

• How does Google's new detection model find bad Android apps?

  Malicious apps have been a consistent problem for the Google Play Store, so a new detection model has been released to help clean it up. Learn how this system works with Nick Lewis.  Continue Reading

• What risks does the OpenFlow protocol vulnerability present?

  Researchers found a vulnerability in OpenFlow that can cause problems. Learn how vendor-specific SDN controllers may cause these OpenFlow protocol vulnerabilities.  Continue Reading

• How can a 13-year-old configuration flaw affect SAP systems?

  Cybersecurity vendor Onapsis found a 13-year-old flaw that affects nine out of 10 SAP NetWeaver systems. Learn how the flaw affects SAP systems with expert Judith Myerson.  Continue Reading

• My Cloud EX2: How can this device expose unauthorized data?

  SpiderLabs discovered My Cloud EX2 backup devices exposing unauthorized HTTP requests. Join Judith Myerson as she explains how this happens, as well as the impact on DLNA devices.  Continue Reading

• LG network: How can attackers use preauthenticated commands?

  A vulnerability was found in the LG network involving remote preauthenticated commands. Learn how researchers created a malicious password to show how it issue can be abused.  Continue Reading

• How does an IMSI catcher exploit SS7 vulnerabilities?

  A warning was issued by the Department of Homeland Security regarding the exploitation of SS7 vulnerabilities by IMSI catchers. Learn how this puts mobile communication at risk.  Continue Reading

• How is Oracle Micros POS affected by CVE 2018-2636?

  A security researcher found a security flaw dubbed CVE-2018-2636 that enables the installation of malware on Oracle Micros POS systems. Learn more about the vulnerability.  Continue Reading

• What is missing from the NIST/DHS botnet security report?

  The joint DHS and NIST report on botnet security offers goals and action items to counter distributed cyberthreats. Learn the report recommendations with expert Nick Lewis.  Continue Reading

• Skygofree Trojan: What makes this spyware unique?

  Android malware was discovered by Kaspersky Labs and named Skygofree. This Trojan targets smartphones and tablets using spyware and gathers user information and app data.  Continue Reading

• Ransomware recovery: How can enterprises operate post-attack?

  A report detailed how Maersk recovered its infrastructure from a NotPetya ransomware attack along with its chosen recovery option. Expert Nick Lewis explains how it worked.  Continue Reading

• Okiru malware: How does this Mirai malware variant work?

  A Mirai variant has the ability to put billions of devices at risk of becoming part of a botnet. Discover how this works and what devices are at risk with expert Nick Lewis.  Continue Reading

• Facebook user data: How do malicious apps steal user data?

  Malicious apps collected Facebook user data through Facebook APIs. Expert Michael Cobb explains how social networking platforms can monitor third-party apps' access to data.  Continue Reading

• UPnP vulnerability: How is the UPnP protocol being misused?

  The UPnP protocol is being misused to distribute malware through home routers. Expert Michael Cobb explains the UPnP vulnerability and how to defend against it.  Continue Reading